I believe I have malware on my PC (XP SP2).
I am looking for ideas to clean it.
I observe the following:
Problem behavior:
1.
I run Avast (4.8 with automatic updates) and have received virus warnings about 5 times in the past month.
I have run 10 boot time scans with Avast. My warning.log file identifies three issues:
7/4/2009 8:58:55 AM 1246723135 SYSTEM 1532 Sign of “JS:Pdfka-JV [Expl]” has been found in “hXXp://bafstone.com/img/pfqe.php{gzip}” file.
7/25/2009 12:14:15 PM 1248549255 SYSTEM 1524 Sign of “Win32:Bifrose-EGW [Trj]” has been found in “C:\WINDOWS\Installer\aca27.msp” file.
7/27/2009 11:53:43 PM 1248764023 SYSTEM 1384 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
I see a file with the Bifrose Trojan in my Avast Chest.
A couple boot time scans with Avast revealed warning messages with approximately 10 various .zip files and archive files.
After boot time, most of the files were typically missing when I hunted for them with Windows Explorer, except one file, <>, which I had downloaded from http://wXw.gutenberg.org/ on April 11, 2009.
I deleted the <> file. (I now realize I should have preserved it – perhaps I could have found some way to move it to the Avast chest?) This file is no longer on the Gutenberg website. When I unzipped this file, it was a Microsoft Help file format, (CHM, I think) and when I went to a help page with an extensive list of commands, the MS Help application seemed to freeze. (I was unable to use Avast to discover malware in this file at Windows run time – I saw warnings only during pre-boot scans. Is there a way to use Avast to generate warnings for these .zip and archive files during Windows post-boot operation?)
I no longer have the Avast warning messages, but given my repeated experience last week, could probably recreate them with a boot-time scan.
MAIN SYMPTOM:
When I attempt to use my Yahoo email account via Firefox, I notice slower response times (ranging from 2 times to 10 to 100 times slower). Yahoo gives me error messages sometimes that I might have malware or an ISP performance problem.
MAIN SYMPTOM:
When I attempt to run Microsoft Excel, it fails to run. Instead, a dialog box says that it is trying to install. Eventually the install fails. I get an error message: “Problem with Shortcut” “This patch package could not be opened. Verify that the patch package exists and that you can access it. Or contact the application vendor to verify that it is a valid Windows Installer patch package.”
I notice that the shortcut file is dated July 2009. This doesn’t make sense to me since I installed Excel years ago. I notice that actual application file itself has a recent date also (EXCEL.EXE, 5/5/2009). This is also confusing to me.
POSSIBLE RELATED ISSUE:
I notice MS Word has similar confusing dates – like MS Excel – though it appears to work.
POSSIBLE RELATED ISSUE:
I have problems with MS Outlook – it crashes when I open old emails.
For a while, it also seemed to have problems with trying to reinstall – though that issue has now disappeared.
I ran Spybot Search and Destroy last week, but this did not seem to resolve the issue.
Can you please suggest possible solutions to fix this situation?
Thank you much!